Ciscoís ASA 5500-X Series, ASA 5500, and PIX 500 firewalls provide combined firewall, IPsec VPN, and IPS services in compact single-box packages, delivering a wide array of features to match the security and compliance requirements of organizations from small and mid-size businesses to enterprises and Internet service providers. Ciscoís ASA 5500-X, ASA 5500, and PIX 500 firewall appliances enable network security staffs to protect their network perimeter and offer secure remote connectivity while using powerful management mechanisms built on Cisco's industry-leading firewall technology.
Ciscoís ASA 5500 and PIX firewall appliances have reached end-of-life (EOL) but are still widely used in small and mid-size organizations and in a few larger data centers. The ASA 5500-X Series Next-Generation Firewalls represent substantially more bang for the buck and have superseded the ASA 5500 and PIX 500 lines of firewalls for new installations. However, Cisco's older model firewalls, if carefully managed, continue to offer a high level of security by supplying multiple security functions including firewall, Virtual Private Network (VPN) connections, and IPS.
After Cisco's acquisition of Sourcefire, the whole line of Cisco ASA 5500-X devices can be configured to enable Firepower Services, based on Sourcefire's Snort product, which is the market's most deployed network intrusion protection system (IPS). Firepower services bring enhanced capabilities such as advanced malware protection (AMP), URL filtering, real-time threat analytics, and security automation.
Progent's Cisco CCIE-premier infrastructure engineers can assist your organization to maintain and debug legacy ASA 5500 Series and PIX 500 firewalls and can also assist you to plan and carry out a smooth migration to Ciscoís ASA 5500-X firewalls with Firepower. Progent can also help you to plan, integrate, tune, manage and debug new firewall ecosystems built on Cisco's latest ASA 5500-X firewalls with Firepower Services.
Cisco's ASA 5500-X Firewall Product Family
Cisco's comprehensive line of ASA 5500-X firewalls features an improved substitute for each rack-mountable model in the previous ASA 5500 series of devices. Each ASA 5500-X firewall is suited for the identical environment as the corresponding earlier models, which offers most plenty of room for picking a solution that aligns with their security requirements and budgets. All ASA 5500-X firewalls are based on Cisco's tested stateful-inspection firewall technology and all include purpose-built 64-bit hardware with multicore processors and are capable of running Cisco's powerful security services. All devices in Cisco's ASA 5500-X product line deliver dependable protection across any combination of physical, virtual, and cloud environments.
For more details about Cisco's ASA 5500-X security appliances, Cisco Firepower services, and Progent's consulting for Cisco ASA firewalls, visit Firepower configuration and troubleshooting consulting
Firepower Services for ASA 5500-X Firewalls
Cisco ASA 5500-X firewalls work with software or hardware modules that support Firepower Services, which provide layered protection against advanced threats. Cisco's Firepower Services are powered by technology adopted by Cisco from Sourcefire. Key features of Firepower Services for ASA 5500-X security appliances include:
- Multi-layer defense against familiar and zero-day attacks
- Advanced Malware Protection that utilizes big data techniques to discover and remediate security breaches
- Cisco's Next-Generation Intrusion Prevention System (NGIPS) that provides contextual analysis that looks at users, network infrastructure, apps, and content to detect threats that incorporate multiple approaches
- Fine-grained Application Visibility and Control that is familiar with thousands of applications and can automatically activate both standard and customized IPS policies depending on the severity of risk
Firepower Services for Cisco ASA firewalls offer advanced multi-layered protection
Simpler implementations of Cisco ASA 5500-X firewalls can be effectively managed via Cisco's on-box Adaptive Security Device Manager (ASDM) Adaptive Security Device Manager, a web-based tool provided with all ASA 5500-X versions. ASDM provides a convenient web dashboard for deploying, managing, and debugging ASA 5500-X firewalls and modules.
For more complex deployments, ASA 5500-X firewalls with Firepower can be managed with Cisco's Firepower Management Center, available as one or several physical or virtual appliances. Firepower Management Center provides unified firewall management, Application Visibility and Control, advanced IPS, URL filtering, and Cisco's Advanced Malware Protection. Because of frequent rebranding after Cisco's purchase of Sourcefire Defense Center, Firepower Management Center has been delivered under various names including Defense Center, Cisco Firesight Defense Center, and Cisco Firesight Management Center.
Cisco's Firepower Management Center provides capabilities beyond those available with Cisco's on-device Adaptive Security Device Manager tool. Additional features include expanded context awareness, Cisco's Advanced Malware Protection (AMP) with remediation for user devices, a console that provides real-time network infrastructure visualization, automated policy optimization based on risk evaluation of threats, comprehensive IPS, custom application detectors for Application Visibility and Control (AVC), customized health notifications, improved reporting options, and application interfaces for host input and database access. Hardware-dependent capabilities like clustering, stacking, switching, routing, VPN, and NAT must be managed via Cisco's ASA 5500-X on-box ASDM or the ASA 5500-X CLI.
Cisco ASA 5500 Firewalls
Cisco Adaptive Security Appliances (ASA) Firewalls build on technology developed for Cisco's PIX 500 Security Appliance, the Cisco IPS 4200 Series Intrusion Prevention System, and the VPN 3000 family concentrator. These technologies enable the Cisco ASA Firewall family to offer a firewall that defends against the widest range of threats. Cisco Adaptive Security Appliances Firewalls deliver application protection, local containment and control, and clean Virtual Private Network connectivity throughout Cisco's product line. This breadth of security enables the guarding of any network section, including the most common attack vectors such as remote locations, LAN-attached inside users, and remote access VPNs.
The scalable architecture of the ASA 5500 Series enables you to add features by installing service modules and cards. These user-installable options provide the ability to add IPS and content protection services like filtering virus, spyware, and phishing attacks and executing file and web filtering. In addition to allowing you to react rapidly to the latest risk environments, the expandable architecture of the ASA 5500 family also protects your hardware investment by prolonging the life of your security appliances. The ASA 5500 Series also protects your investment in administrative staff education by supporting the rich library of PIX security management utilities and protocols such as the Cisco Adaptive Security Device Manager (ASDM) system, protected command-line interface availability, syslog, and Simple Network Management Protocol (SNMP).
Cisco Adaptive Security Appliances (ASA) firewalls provide a high-level of application protection via intelligent, application-aware inspection engines that examine network flows at Layers 4-7. The result is a more secure network including Web, voice, and mobile wireless access. To defend networks against application-layer attacks and to offer stronger policing of the applications and protocols used in their networks, these inspection engines integrate broad application and protocol knowledge and employ protection enforcement solutions that include protocol anomaly sensing and state tracking. Also included are assault sensing and mitigation technology such as application and protocol command filters and content verification. Cisco Adaptive Security Appliances firewall inspection engines also deliver management of instant messaging and peer-to-peer file sharing, allowing organizations to enforce usage policies and free up bandwidth for critical business processes.
For additional details about Progent's support services for Cisco's ASA 5500 firewalls, visit Cisco ASA 5500 firewalls integration and debugging consulting.
Cisco PIX Security Appliance Series
Built upon a hardened, purpose-built operating system that delivers a wealth of security features, PIX firewalls offer a high level of security and have been awarded EAL 4 status and ICSA Firewall and IPsec certification. Cisco PIX firewalls offer protection for a broad array of VoIP and other multimedia standards including H.323 Version 4, SIP, Cisco Skinny Client Control Protocol, RTSP, and Media Gateway Control Protocol, helping businesses to safeguard deployments of a wide range of current and next-generation Voice over IP and mixed-media applications.
PIX firewall appliances feature a wealth of setup, monitoring, and analysis features, giving IT managers the flexibility to use the techniques that most closely match their requirements. Management options include common, policy-based administration tools, integrated web-based management, and compatibility with remote-monitoring protocols like SNMP and syslog. The integrated Cisco Adaptive Security Device Manager (ASDM) system offers a powerful Web-based management platform that significantly simplifies the installation, ongoing modification, and monitoring of a single Cisco PIX firewall appliance without the need of any extra software other than a standard Web browser and Java plug-in to be running on an administrator's PC.
Administrators can furthermore remotely configure, track, and analyze PIX firewall appliances via a command-line interface (CLI). Secure command-line interface (CLI) access is available using a number of techniques such as Secure Shell (SSHv2) Protocol, Telnet through IP Security (IPsec), and out-of-band via a console port. Cisco PIX firewalls also include robust auto-update capabilities, a collection of advanced protected remote-administration services that ensure firewall configurations and software images are kept current.
For additional details about Progent's consulting services for PIX firewalls, go to Cisco PIX firewalls integration and troubleshooting support.
Progent's PIX to ASA Migration Consulting Support
Since Cisco has ceased offering the PIX product line, many companies are uncomfortable with relying on a critical security component that may stop being supported. ASA 5500 security appliances offer the advantage of being current devices and also bring several functions and financial benefits in comparison to PIX firewalls. These benefits include significantly higher performance, optional SSL VPN capability, and an expandable design that protects your investment by enabling you to add more security features when and if you need them. Progent's CCIE-certified network engineers can assist you to assess the strategic value of for upgrading from PIX to ASA 5500 firewalls, design a migration plan that allows for a quick and seamless upgrade, help your IT staff to install new ASA 5500 firewalls, and offer online, consulting, and troubleshooting services.
Additional Ways Progent Can Assist Your Business with Cisco ASA and PIX Firewalls
Cisco ASA 5500 Series adaptive security appliances and PIX firewalls provide a wealth of setup, monitoring, and analysis features which give you the ability to deploy these security appliances to match your company's needs. Progent's CCIE authorized network experts can help you to and support a cost-effective network infrastructure that includes Cisco ASA and/or PIX security appliances and that offers advanced security, resilience, performance, and recoverability. Progent's GISA and CISSP-ISSP-premier IS security experts can assist your business to develop a security policy appropriate for your situation and can set up your firewall to support your security policies. Progent's risk assessment professionals can evaluate the strength of your existing firewall deployment and audit the security of your entire IS environment. Progentís Help Desk support team can deliver urgent online troubleshooting for Cisco products and can give you quick access to a Cisco CCIE expert.
For additional information about Progent's consulting assistance for Cisco products, pick a subject:
For additional information concerning Progent's consulting expertise for Cisco solutions, select a topic:
Integration of Cisco and Third-party Security Technology
Progent offers expertise in firewall and VPN products from all major vendors and can help you integrate Cisco technology with additional security solutions to help you build a cost-effective network infrastructure that provides a level of security and flexibility appropriate for your business. Third-party firewall and VPN support services available from Progent include:
If you wish to contact Progent about professional help for Cisco products, call 1-800-993-9400 or refer to Contact Progent.